Applying QoS on Tunnel Interfaces
This article explains important considerations while setting up the QoS profile and relationship between different parameters in QoS profiles.
This article makes the following assumptions:
- Maximum bandwidth of an interface (ethernet1/1) is 1000Mbps
- Out of 1000Mbps, clear text traffic should have guaranteed bandwidth of 980Mbps
- The rest should be assigned to tunneled traffic
- Total number of tunnel interfaces on device is 16
- Number of tunnels terminating on ethernet1/1 interface is 15
There are 16 gateways i.e. 16 tunnels/tunnel interfaces on the device however, 15 of these tunnels terminate on interface ethernet1/1 and 1 tunnel on ethernet1/3:
- Egress Max of Tunneled Traffic + Egress guaranteed of Clear(Regular) Text Traffic <= Egress Max of Interface
Egress Max of Interface = 1000Mbps
Egress guaranteed of clear text traffic = 980Mbps
Therefore, Egress Max of Tunneled Traffic = (1000-980)Mbps = 20Mbps
This means, "ClearText" profile applied to Clear Text of Interface could have Egress Max=1000Mbps and Egress Guaranteed = 980Mbps. Also, "Tunnel" profile applied to Tunnel Interface could have Egress Max=20Mbps only
We cannot specify Egress Max of Tunneled Traffic profile to be more than 20Mbps now. If we specify it to be more than 20Mbps, there would be a validation error as "Tunnel-traffic-group max bandwidth is smaller than tunnel.X (profile Tunnel) max bandwidth"
This error means tunnel traffic profile can be max of 20Mbps but in "Tunnel" Profile, we have specified Egress Max as more than 20Mbps. This error message would be listed for each of 15 tunnel interfaces on ethernet1/1 interface.
Similarly, we cannot specify Tunnel Traffic Egress Max to be more than 20Mbps under Network > QoS also. Validation would give an error, "Max tunnel traffic bandwidth plus guaranteed regular traffic bandwidth cannot exceed interface bandwidth"
- Tunnel Traffic Egress Guaranteed <= Tunnel Egress Max / Number of tunnels on the physical interface
Number of tunnels/tunnel Interfaces that terminates on ethernet1/1 = 15
Therefore, in "Tunnel" profile applied to Tunnel interface, Egress Guaranteed bandwidth <= (20/15)Mbps ~ 1.3Mbps
If we specify Egress Guaranteed to be more than ~1.3Mbps, validation would give an error "tunnel-traffic-group max bandwidth is smaller than its guaranteed bandwidth"
- Sum of Egress Guaranteed bandwidth of classes in a profile <= Egress Guaranteed of the profile.
Sum of Egress guaranteed bandwidth of all 8 classes in this Tunnel profile <= 1.3Mbps
If the sum is not <= Egress guaranteed of the profile, validation would fail with an error, "tunnel.X (profile Tunnel) guaranteed bandwidth is smaller than the sum of guaranteed bandwidth of its children"
This error message would be printed for each of the tunnel interface terminating on the egress physical interface.